[PATCH] fips: Skip PCT if RSA keygen test-parms specified
Clemens Lang
cllang at redhat.com
Wed Sep 21 13:12:08 CEST 2022
* cipher/rsa.c (rsa_generate): Skip PCT is test-parms were specified.
* tests/t-rsa-testparm.c: Add test for this functionality
* tests/Makefile.am: Add test to build system
--
ACVP testing uses the test-parms option to specify p and q to be checked
for primality. When test-parms is specified, generate_fips() always
returns keys with p=q=0. These keys then fail the pairwise consistency
test, because they cannot be used to successfully sign a message and
verify the signature.
Skip the PCT when test-parms is specified.
Add a regression test to check that this functionality continues to work
in the future.
Signed-off-by: Clemens Lang <cllang at redhat.com>
---
cipher/rsa.c | 5 +-
tests/Makefile.am | 2 +-
tests/t-rsa-testparm.c | 130 +++++++++++++++++++++++++++++++++++++++++
3 files changed, 135 insertions(+), 2 deletions(-)
create mode 100644 tests/t-rsa-testparm.c
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 87f57b55..1a935d80 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -1218,6 +1218,7 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
int flags = 0;
gcry_sexp_t l1;
gcry_sexp_t swap_info = NULL;
+ int testparms = 0;
memset (&sk, 0, sizeof sk);
@@ -1274,6 +1275,8 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
}
deriveparms = (genparms? sexp_find_token (genparms, "test-parms", 0)
/**/ : NULL);
+ if (deriveparms)
+ testparms = 1;
/* Generate. */
if (deriveparms || fips_mode ())
@@ -1311,7 +1314,7 @@ rsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
mpi_free (sk.u);
sexp_release (swap_info);
- if (!ec && fips_mode () && test_keys_fips (*r_skey))
+ if (!ec && !testparms && fips_mode () && test_keys_fips (*r_skey))
{
sexp_release (*r_skey); *r_skey = NULL;
fips_signal_error ("self-test after key generation failed");
diff --git a/tests/Makefile.am b/tests/Makefile.am
index f65725bc..302d923b 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -28,7 +28,7 @@ tests_bin = \
aeswrap random
if USE_RSA
-tests_bin += pkcs1v2 t-rsa-pss t-rsa-15
+tests_bin += pkcs1v2 t-rsa-pss t-rsa-15 t-rsa-testparm
endif
if USE_DSA
diff --git a/tests/t-rsa-testparm.c b/tests/t-rsa-testparm.c
new file mode 100644
index 00000000..65617855
--- /dev/null
+++ b/tests/t-rsa-testparm.c
@@ -0,0 +1,130 @@
+/* t-rsa-testparm.c - Check the RSA Key Generation test-parm parameter
+ * Copyright (C) 2022 g10 Code GmbH
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gcrypt.h>
+
+#include "stopwatch.h"
+
+#define PGM "t-rsa-testparm"
+#include "t-common.h"
+
+
+static void
+check_rsa_testparm ()
+{
+ gpg_error_t err;
+ gcry_sexp_t keyspec = NULL;
+ gcry_sexp_t key = NULL;
+ const char *sexp = "(genkey (rsa (nbits \"2048\") (test-parms "
+ "(e \"65537\")"
+ "(p #00bbccabcee15d343944a47e492d4b1f4de79633e20cbb46f7d2d6813392a807ad048"
+ "cf77528edd19f77e7453f25173b9dcb70423afa2037aae147b81a33d541fc58f875ef"
+ "f1e852ab55e2e09a3debfbc151b3b0d17fef6f74d81fca14fbae531418e211ef81859"
+ "2af70de5cec3b92795cc3578572bf456099cd8727150e523261#)"
+ "(q #00ca87ecf2883f4ed00a9ec65abdeba81d28edbfcc34ecc563d587f166b52d42bfbe2"
+ "2bbc095b0b8426a2f8bbc55baaa8859b42cbc376ed3067db3ef7b135b63481322911e"
+ "bbd7014db83aa051e0ca2dbf302b75cd37f2ae8df90e134226e92f6353a284b28bb30"
+ "af0bbf925b345b955328379866ebac11d55bc80fe84f105d415#)"
+ ")))";
+
+ info ("Checking RSA KeyGen test-parm parameter.\n");
+
+ err = gcry_sexp_build (&keyspec, NULL, sexp);
+ if (err)
+ {
+ fail ("error building SEXP for test: %s", gpg_strerror (err));
+ goto leave;
+ }
+
+ err = gcry_pk_genkey (&key, keyspec);
+ if (err)
+ {
+ fail ("gcry_pk_genkey failed for test: %s", gpg_strerror (err));
+ goto leave;
+ }
+
+leave:
+ if (key)
+ gcry_sexp_release (key);
+ if (keyspec)
+ gcry_sexp_release (keyspec);
+}
+
+
+int
+main (int argc, char **argv)
+{
+ int last_argc = -1;
+
+ if (argc)
+ { argc--; argv++; }
+
+ while (argc && last_argc != argc )
+ {
+ last_argc = argc;
+ if (!strcmp (*argv, "--"))
+ {
+ argc--; argv++;
+ break;
+ }
+ else if (!strcmp (*argv, "--help"))
+ {
+ fputs ("usage: " PGM " [options]\n"
+ "Options:\n"
+ " --verbose print timings etc.\n"
+ " --debug flyswatter\n",
+ stdout);
+ exit (0);
+ }
+ else if (!strcmp (*argv, "--verbose"))
+ {
+ verbose++;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--debug"))
+ {
+ verbose += 2;
+ debug++;
+ argc--; argv++;
+ }
+ else if (!strncmp (*argv, "--", 2))
+ die ("unknown option '%s'", *argv);
+
+ }
+
+ xgcry_control ((GCRYCTL_DISABLE_SECMEM, 0));
+ if (!gcry_check_version (GCRYPT_VERSION))
+ die ("version mismatch\n");
+ if (debug)
+ xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 0xffffffff, 0));
+
+ start_timer ();
+ check_rsa_testparm ();
+ stop_timer ();
+
+ info ("All tests completed in %s. Errors: %d\n",
+ elapsed_time (1), error_count);
+ return !!error_count;
+}
--
2.37.3
More information about the Gcrypt-devel
mailing list